
    Links for 8 July 2023


    Yesterday I had a small technical problem with publishing, and I didn't have the energy to dig into it after a very full day. So begin the first Saturday links!

    On the menu: Mockingjay process injection technique allows EDR bypass, The Small Stuff, Blog with Markdown + Git and degrade gracefully through time

    Mockingjay process injection technique allows EDR bypass

    For our proof of concept, we specifically chose the ssh.exe process located in the Visual Studio directory to inject our payload. It is important to note that in this injection method, there is no need to explicitly create a thread within the target process, as the process automatically executes the injected code. This inherent behavior makes it challenging for Endpoint Detection and Response (EDR) systems to detect this method.

    It's so "dumb", and therefore so brilliant.

    The Small Stuff

    For three days and nights the Java master did not emerge from his cubicle. On the fourth day the monks of the temple sent a novice to inquire after him.

    The novice found the master at his whiteboard, contemplating a single dataflow diagram. The novice recognized it as a minor component of the vast system that the monks were contracted to maintain. Politely, the novice asked what the master was working on.

    Fiction about software development concepts, written in the form of koans. Quite restful and funny. Each koan is nice and short. Read at your own pace.

    De-Googling

    Punishment for cancelled subscriptions

    […]

    Since I deactivated my Workspace account, I’ve noticed that Google regularly tries to push me to reactivate the account.

    […]

    There are a few things that make this a particularly dark pattern:

    1. This happens even when I’m trying to access services that are openly available to users without a Google account, like Google Translate.
    2. I’m simultaneously signed into several Google accounts, but Google always defaults to the ex-Workspace account.
    3. When I try to switch account from this page, I’m redirected to the admin.google.com interface, which is only available to Google Workspace accounts. This makes it difficult to switch to a non-Workspace account.

    […]

    This anecdote serves as a frequent reminder not to use Google at all.

    What a rotten bunch.

    Blog with Markdown + Git, and degrade gracefully through time

    A simple proposal I’d like to make to current and future blog authors: run your blog in whatever technology you want […] But, remember at the end of the day that a blog is text and multimedia. Store your content in the simplest formats in which it can possibly be stored – I’d suggest Markdown and Git – and use the great frontend to read from that and render it however you want.

    Exactly what this blog is built on. What builds the blog is custom, and fairly light. My biggest problem, however, is the technology the newsletter relies on. I mostly use my phone for every step, from writing to publishing. Yet it happens (too) frequently that the mailing service fails, and the responsive interface is absolutely horrible on mobile. When I've regained a bit of energy, I'll look into getting rid of it.